Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
202
security advisorymoderatepatchopenSUSE 2024:0214-1 Moderate: python-sentry-sdk Environment Leak
An update that fixes one vulnerability is now available. . openSUSE Security Update: Security update for python-sentry-sdk ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0214-1 Rating: moderate References: #1228128 Cross-References: CVE-2024-40647 Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-sentry-sdk fixes the following issues: - CVE-2024-40647: Do not leak environment variables to child processes. (bsc#1228128) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-214=1 Package List: - openSUSE Backports SLE-15-SP5 (noarch): python3-sentry-sdk-0.14.4-bp155.3.3.1 References: https://www.suse.com/security/cve/CVE-2024-40647.html https://bugzilla.suse.com/1228128 . A recent patch tackles the vulnerability in the javascript-tracker, vital for safeguarding sensitive data exposure through configuration settings.. OpenSUSE Security Update, Python Sentry SDK, Environment Protection. . LinuxSecurity.com Team
Jul 23, 2024
OpenSUSE
98
security advisorymoderateRed HatRed Hat Enterprise Linux 8 RHSA-2021-0531-01 Moderate: Environment Leak
An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: container-tools:rhel8 security, bug fix, and enhancement update Advisory ID: RHSA-2021:0531-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0531 Issue date: 2021-02-16 CVE Names: CVE-2020-14370 ==================================================================== 1. Summary: An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, referto: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1678546 - Podman fails to create containers on RHEL 8 if CGroups V2 is enabled. 1701359 - rpmdiff message: Detecting usr/bin/buildah with not-hardened warnings 1701361 - rpmdiff message: Detecting usr/bin/fuse-overlayfs with not-hardened warnings 1843168 - [RFE] podman volume should include the filter dangling=true 1846629 - [RFE] Enable "podman search" to use wildcard (star) for queries 1848150 - Improved error message when signatures cannot be stored 1873064 - Can not execute podman commands scheduled by cron 1873204 - podman run --log-driver journald didn't works as expected 1874268 - CVE-2020-14370 podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API 1876576 - podman images can panic for incomplete images in the storage 1877865 - dnsname plugin missing from RHEL 8.2 1880987 - ubi8-init rootless fails on RHEL 8.2 with 'No such file or directory' and 'Permission denied' 1881218 - unable to run RHEL6 container in RHEL 8.3 (container-selinux not installed with podman) 1883945 - Cannot mount /proc/net in a container as it is a symlink to /proc/self/net and not assigned proc_t 1884668 - Fix parsing of the parameter to detect digests and use the appropriate @ separator. 1895105 - Podman events nonfunctional as rootless 1897012 - podman search doesn't give description of packages with --no-trunc option 1898911 - Empty cidfile after container creation 1902673 - Using rootless podman with slirp4netns and without the --disable-host-loopback 1903412 - Podman 2.0 fails to build an image using '--network container' in rootless mode 1925928 - BrokenPipeError("Disconnected") when instaniate Client 6. Package List: Red Hat Enterprise Linux AppStream (v.8): Source: buildah-1.16.7-4.module+el8.3.1+9857+68fb1526.src.rpm cockpit-podman-27.1-3.module+el8.3.1+9857+68fb1526.src.rpm conmon-2.0.22-3.module+el8.3.1+9857+68fb1526.src.rpm container-selinux-2.155.0-1.module+el8.3.1+9857+68fb1526.src.rpm containernetworking-plugins-0.9.0-1.module+el8.3.1+9857+68fb1526.src.rpm criu-3.15-1.module+el8.3.1+9857+68fb1526.src.rpm crun-0.16-2.module+el8.3.1+9857+68fb1526.src.rpm fuse-overlayfs-1.3.0-2.module+el8.3.1+9857+68fb1526.src.rpm libslirp-4.3.1-1.module+el8.3.1+9803+64eb0fd6.src.rpm oci-seccomp-bpf-hook-1.2.0-1.module+el8.3.1+9857+68fb1526.src.rpm podman-2.2.1-7.module+el8.3.1+9857+68fb1526.src.rpm python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src.rpm runc-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src.rpm skopeo-1.2.0-9.module+el8.3.1+9857+68fb1526.src.rpm slirp4netns-1.1.8-1.module+el8.3.1+9857+68fb1526.src.rpm toolbox-0.0.8-1.module+el8.3.1+9857+68fb1526.src.rpm udica-0.2.4-1.module+el8.3.1+9857+68fb1526.src.rpm aarch64: buildah-1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64.rpm buildah-debuginfo-1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64.rpm buildah-debugsource-1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64.rpm buildah-tests-1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64.rpm buildah-tests-debuginfo-1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64.rpm conmon-2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64.rpm conmon-debuginfo-2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64.rpm conmon-debugsource-2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64.rpm containernetworking-plugins-0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64.rpm containernetworking-plugins-debuginfo-0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64.rpm containernetworking-plugins-debugsource-0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64.rpm containers-common-1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64.rpm crit-3.15-1.module+el8.3.1+9857+68fb1526.aarch64.rpm criu-3.15-1.module+el8.3.1+9857+68fb1526.aarch64.rpm criu-debuginfo-3.15-1.module+el8.3.1+9857+68fb1526.aarch64.rpm criu-debugsource-3.15-1.module+el8.3.1+9857+68fb1526.aarch64.rpm crun-0.16-2.module+el8.3.1+9857+68fb1526.aarch64.rpm crun-debuginfo-0.16-2.module+el8.3.1+9857+68fb1526.aarch64.rpm crun-debugsource-0.16-2.module+el8.3.1+9857+68fb1526.aarch64.rpm fuse-overlayfs-1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64.rpm fuse-overlayfs-debuginfo-1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64.rpm fuse-overlayfs-debugsource-1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64.rpm libslirp-4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64.rpm libslirp-debuginfo-4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64.rpm libslirp-debugsource-4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64.rpm libslirp-devel-4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64.rpm oci-seccomp-bpf-hook-1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64.rpm oci-seccomp-bpf-hook-debuginfo-1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64.rpm oci-seccomp-bpf-hook-debugsource-1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64.rpm podman-2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64.rpm podman-catatonit-2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64.rpm podman-catatonit-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64.rpm podman-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64.rpm podman-debugsource-2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64.rpm podman-plugins-2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64.rpm podman-plugins-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64.rpm podman-remote-2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64.rpm podman-remote-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64.rpm podman-tests-2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64.rpm python3-criu-3.15-1.module+el8.3.1+9857+68fb1526.aarch64.rpm runc-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64.rpm runc-debuginfo-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64.rpm runc-debugsource-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64.rpm skopeo-1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64.rpm skopeo-debuginfo-1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64.rpm skopeo-debugsource-1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64.rpm skopeo-tests-1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64.rpm slirp4netns-1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64.rpm slirp4netns-debuginfo-1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64.rpm slirp4netns-debugsource-1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64.rpm noarch: cockpit-podman-27.1-3.module+el8.3.1+9857+68fb1526.noarch.rpm container-selinux-2.155.0-1.module+el8.3.1+9857+68fb1526.noarch.rpm podman-docker-2.2.1-7.module+el8.3.1+9857+68fb1526.noarch.rpm python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch.rpm toolbox-0.0.8-1.module+el8.3.1+9857+68fb1526.noarch.rpm udica-0.2.4-1.module+el8.3.1+9857+68fb1526.noarch.rpm ppc64le: buildah-1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le.rpm buildah-debuginfo-1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le.rpm buildah-debugsource-1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le.rpm buildah-tests-1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le.rpm buildah-tests-debuginfo-1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le.rpm conmon-2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le.rpm conmon-debuginfo-2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le.rpm conmon-debugsource-2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le.rpm containernetworking-plugins-0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm containernetworking-plugins-debuginfo-0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm containernetworking-plugins-debugsource-0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm containers-common-1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le.rpm crit-3.15-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm criu-3.15-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm criu-debuginfo-3.15-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm criu-debugsource-3.15-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm crun-0.16-2.module+el8.3.1+9857+68fb1526.ppc64le.rpm crun-debuginfo-0.16-2.module+el8.3.1+9857+68fb1526.ppc64le.rpm crun-debugsource-0.16-2.module+el8.3.1+9857+68fb1526.ppc64le.rpm fuse-overlayfs-1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le.rpm fuse-overlayfs-debuginfo-1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le.rpm fuse-overlayfs-debugsource-1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le.rpm libslirp-4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le.rpm libslirp-debuginfo-4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le.rpm libslirp-debugsource-4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le.rpm libslirp-devel-4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le.rpm oci-seccomp-bpf-hook-1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm oci-seccomp-bpf-hook-debuginfo-1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm oci-seccomp-bpf-hook-debugsource-1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm podman-2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le.rpm podman-catatonit-2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le.rpm podman-catatonit-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le.rpm podman-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le.rpm podman-debugsource-2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le.rpm podman-plugins-2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le.rpm podman-plugins-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le.rpm podman-remote-2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le.rpm podman-remote-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le.rpm podman-tests-2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le.rpm python3-criu-3.15-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm runc-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le.rpm runc-debuginfo-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le.rpm runc-debugsource-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le.rpm skopeo-1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le.rpm skopeo-debuginfo-1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le.rpm skopeo-debugsource-1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le.rpm skopeo-tests-1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le.rpm slirp4netns-1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm slirp4netns-debuginfo-1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm slirp4netns-debugsource-1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le.rpm s390x: buildah-1.16.7-4.module+el8.3.1+9857+68fb1526.s390x.rpm buildah-debuginfo-1.16.7-4.module+el8.3.1+9857+68fb1526.s390x.rpm buildah-debugsource-1.16.7-4.module+el8.3.1+9857+68fb1526.s390x.rpm buildah-tests-1.16.7-4.module+el8.3.1+9857+68fb1526.s390x.rpm buildah-tests-debuginfo-1.16.7-4.module+el8.3.1+9857+68fb1526.s390x.rpm conmon-2.0.22-3.module+el8.3.1+9857+68fb1526.s390x.rpm conmon-debuginfo-2.0.22-3.module+el8.3.1+9857+68fb1526.s390x.rpm conmon-debugsource-2.0.22-3.module+el8.3.1+9857+68fb1526.s390x.rpm containernetworking-plugins-0.9.0-1.module+el8.3.1+9857+68fb1526.s390x.rpm containernetworking-plugins-debuginfo-0.9.0-1.module+el8.3.1+9857+68fb1526.s390x.rpm containernetworking-plugins-debugsource-0.9.0-1.module+el8.3.1+9857+68fb1526.s390x.rpm containers-common-1.2.0-9.module+el8.3.1+9857+68fb1526.s390x.rpm crit-3.15-1.module+el8.3.1+9857+68fb1526.s390x.rpm criu-3.15-1.module+el8.3.1+9857+68fb1526.s390x.rpm criu-debuginfo-3.15-1.module+el8.3.1+9857+68fb1526.s390x.rpm criu-debugsource-3.15-1.module+el8.3.1+9857+68fb1526.s390x.rpm crun-0.16-2.module+el8.3.1+9857+68fb1526.s390x.rpm crun-debuginfo-0.16-2.module+el8.3.1+9857+68fb1526.s390x.rpm crun-debugsource-0.16-2.module+el8.3.1+9857+68fb1526.s390x.rpm fuse-overlayfs-1.3.0-2.module+el8.3.1+9857+68fb1526.s390x.rpm fuse-overlayfs-debuginfo-1.3.0-2.module+el8.3.1+9857+68fb1526.s390x.rpm fuse-overlayfs-debugsource-1.3.0-2.module+el8.3.1+9857+68fb1526.s390x.rpm libslirp-4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x.rpm libslirp-debuginfo-4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x.rpm libslirp-debugsource-4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x.rpm libslirp-devel-4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x.rpm oci-seccomp-bpf-hook-1.2.0-1.module+el8.3.1+9857+68fb1526.s390x.rpm oci-seccomp-bpf-hook-debuginfo-1.2.0-1.module+el8.3.1+9857+68fb1526.s390x.rpm oci-seccomp-bpf-hook-debugsource-1.2.0-1.module+el8.3.1+9857+68fb1526.s390x.rpm podman-2.2.1-7.module+el8.3.1+9857+68fb1526.s390x.rpm podman-catatonit-2.2.1-7.module+el8.3.1+9857+68fb1526.s390x.rpm podman-catatonit-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.s390x.rpm podman-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.s390x.rpm podman-debugsource-2.2.1-7.module+el8.3.1+9857+68fb1526.s390x.rpm podman-plugins-2.2.1-7.module+el8.3.1+9857+68fb1526.s390x.rpm podman-plugins-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.s390x.rpm podman-remote-2.2.1-7.module+el8.3.1+9857+68fb1526.s390x.rpm podman-remote-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.s390x.rpm podman-tests-2.2.1-7.module+el8.3.1+9857+68fb1526.s390x.rpm python3-criu-3.15-1.module+el8.3.1+9857+68fb1526.s390x.rpm runc-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x.rpm runc-debuginfo-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x.rpm runc-debugsource-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x.rpm skopeo-1.2.0-9.module+el8.3.1+9857+68fb1526.s390x.rpm skopeo-debuginfo-1.2.0-9.module+el8.3.1+9857+68fb1526.s390x.rpm skopeo-debugsource-1.2.0-9.module+el8.3.1+9857+68fb1526.s390x.rpm skopeo-tests-1.2.0-9.module+el8.3.1+9857+68fb1526.s390x.rpm slirp4netns-1.1.8-1.module+el8.3.1+9857+68fb1526.s390x.rpm slirp4netns-debuginfo-1.1.8-1.module+el8.3.1+9857+68fb1526.s390x.rpm slirp4netns-debugsource-1.1.8-1.module+el8.3.1+9857+68fb1526.s390x.rpm x86_64: buildah-1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64.rpm buildah-debuginfo-1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64.rpm buildah-debugsource-1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64.rpm buildah-tests-1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64.rpm buildah-tests-debuginfo-1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64.rpm conmon-2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64.rpm conmon-debuginfo-2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64.rpm conmon-debugsource-2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64.rpm containernetworking-plugins-0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64.rpm containernetworking-plugins-debuginfo-0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64.rpm containernetworking-plugins-debugsource-0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64.rpm containers-common-1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64.rpm crit-3.15-1.module+el8.3.1+9857+68fb1526.x86_64.rpm criu-3.15-1.module+el8.3.1+9857+68fb1526.x86_64.rpm criu-debuginfo-3.15-1.module+el8.3.1+9857+68fb1526.x86_64.rpm criu-debugsource-3.15-1.module+el8.3.1+9857+68fb1526.x86_64.rpm crun-0.16-2.module+el8.3.1+9857+68fb1526.x86_64.rpm crun-debuginfo-0.16-2.module+el8.3.1+9857+68fb1526.x86_64.rpm crun-debugsource-0.16-2.module+el8.3.1+9857+68fb1526.x86_64.rpm fuse-overlayfs-1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64.rpm fuse-overlayfs-debuginfo-1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64.rpm fuse-overlayfs-debugsource-1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64.rpm libslirp-4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64.rpm libslirp-debuginfo-4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64.rpm libslirp-debugsource-4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64.rpm libslirp-devel-4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64.rpm oci-seccomp-bpf-hook-1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64.rpm oci-seccomp-bpf-hook-debuginfo-1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64.rpm oci-seccomp-bpf-hook-debugsource-1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64.rpm podman-2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64.rpm podman-catatonit-2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64.rpm podman-catatonit-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64.rpm podman-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64.rpm podman-debugsource-2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64.rpm podman-plugins-2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64.rpm podman-plugins-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64.rpm podman-remote-2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64.rpm podman-remote-debuginfo-2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64.rpm podman-tests-2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64.rpm python3-criu-3.15-1.module+el8.3.1+9857+68fb1526.x86_64.rpm runc-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64.rpm runc-debuginfo-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64.rpm runc-debugsource-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64.rpm skopeo-1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64.rpm skopeo-debuginfo-1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64.rpm skopeo-debugsource-1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64.rpm skopeo-tests-1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64.rpm slirp4netns-1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64.rpm slirp4netns-debuginfo-1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64.rpm slirp4netns-debugsource-1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2020-14370 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/8.3_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYCvbEdzjgjWX9erEAQgLxg//aXNDTzzxbAGrmD8CqN1FOIwcVSk/qtP6 4BKa43RMaROvQ++Zu7BFIE6nEaq4rw7+yWT6OBWbj1GtvKJVmr50abPbd/C9C2JU qLhYKUtTohtimm1U7MmbpmsbJL+8Em9HWKwkeqnurHTXv4kDMiYvIwkA1lnQ+bwn XkouXnAfT0f0zwyX1W1y42TeEc7gfYL7vUzyNnK2X6NZ88UhBAw/VO4ciEvQchLU 01l12J+GVGtPxj5a113F1MabTrBB9f4Fo4SgslolqExYDoUpfOqlpXPz5EZd1hWV 4lil39aSXkRV3WtZrN9749l2kR7iB1TRbs0j2YjWyqXd+2szpSUY6IvX0YZCyCr8 xvz+soZ4NeQ8EUOjKy3apr34G4hll11gJESI3D7YNpgUQ/n1j4RCpStUszsEksqU AIdcsGsgQMXj0gYFBpftCvr70kr18G7npG3WibqOhjK1fV5Q8Fs72Eqf0RxMtMHA EYjcjm0q3JiDUwjLHOzpnAtMd9QWNJinln/OzS3I3yI9k6SSU0YBF6zfPjQPSfoJ EscgnDE+fKXcR8tpteSirV3CKNWI5ftbs1KDDxDa2XkL9NcQqff5PtjlVzhTMQUD Q5XiTR+eH7MX2ZQ/vnj0Yf/lsXGY1DwoMo9+iRdUdOsQS9uvwitCScm1uef43rs1 eAF5KfIKO6s=etKh -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Feb 16, 2021
Red Hat
202
security advisorymoderateupdateopenSUSE: 2020:2063-1 Moderate: Podman Environment Leak
An update that solves one vulnerability and has two fixes is now available. . openSUSE Security Update: Security update for podman ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:2063-1 Rating: moderate References: #1176804 #1178122 #1178392 Cross-References: CVE-2020-14370 Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for podman fixes the following issues: Security issue fixed: - This release resolves CVE-2020-14370, in which environment variables could be leaked between containers created using the Varlink API (bsc#1176804). Non-security issues fixed: - add dependency to timezone package or podman fails to build a container (bsc#1178122) - Install new auto-update system units - Update to v2.1.1 (bsc#1178392): * Changes - The `podman info` command now includes the cgroup manager Podman is using. * API - The REST API now includes a Server header in all responses. - Fixed a bug where the Libpod and Compat Attach endpoints could terminate early, before sending all output from the container. - Fixed a bug where the Compat Create endpoint for containers did not properly handle the Interactive parameter. - Fixed a bug where the Compat Kill endpoint for containers could continue to run after a fatal error. - Fixed a bug where the Limit parameter of the Compat List endpoint for Containers did not properly handle a limit of 0 (returning nothing, instead of all containers) [#7722]. - The Libpod Stats endpoint for containers is being deprecated and will be replaced by a similar endpoint with additional features in a future release. - Changes in v2.1.0 * Features - A new command, `podman image mount`, has been added. This allows for an image to be mounted, read-only, to inspect its contents without creating a container from it [#1433]. - The `podman save` and `podman load` commands can now create and load archives containing multiple images [#2669]. - Rootless Podman now supports all `podman network` commands, and rootless containers can now be joined to networks. - The performance of `podman build` on `ADD` and `COPY` instructions has been greatly improved, especially when a `.dockerignore` is present. - The `podman run` and `podman create` commands now support a new mode for the `--cgroups` option, `--cgroups=split`. Podman will create two cgroups under the cgroup it was launched in, one for the container and one for Conmon. This mode is useful for running Podman in a systemd unit, as it ensures that all processes are retained in systemd's cgroup hierarchy [#6400]. - The `podman run` and `podman create` commands can now specify options to slirp4netns by using the `--network` option as follows: `--net slirp4netns:opt1,opt2`. This allows for, among other things, switching the port forwarder used by slirp4netns away from rootlessport. - The `podman ps` command now features a new option, `--storage`, to show containers from Buildah, CRI-O and other applications. - The `podman run` and `podman create` commands now feature a `--sdnotify` option to control the behavior of systemd's sdnotify with containers, enabling improved support for Podman in `Type=notify` units. - The `podman run` command now features a `--preserve-fds` opton to pass file descriptors from the host into the container [#6458]. - The `podman run` and `podman create` commands can now create overlay volume mounts, by adding the `:O` option to a bind mount (e.g. `-v /test:/test:O`). Overlay volume mounts will mount a directory into a container from the host and allow changes to it, but not write those changes back to the directory on the host. - The `podman play kube` command now supports the Socket HostPath type [#7112]. - The `podman play kube` command now supports read-only mounts. - The `podman play kube` command now supports setting labels on pods from Kubernetes metadata labels. - The `podman play kube` command now supports setting container restart policy [#7656]. - The `podman play kube` command now properly handles `HostAlias` entries. - The `podman generate kube` command now adds entries to `/etc/hosts` from `--host-add` generated YAML as `HostAlias` entries. - The `podman play kube` and `podman generate kube` commands now properly support `shareProcessNamespace` to share the PID namespace in pods. - The `podman volume ls` command now supports the `dangling` filter to identify volumes that are dangling (not attached to any container). - The `podman run` and `podman create` commands now feature a `--umask` option to set the umask of the created container. - The `podman create` and `podman run` commands now feature a `--tz` option to set the timezone within the container [#5128]. - Environment variables for Podman can now be added in the `containers.conf` configuration file. - The `--mount` option of `podman run` and `podman create` now supports a new mount type, `type=devpts`, to add a `devpts` mount to the container. This is useful for containers that want to mount `/dev/` from the host into the container, but still create a terminal. - The `--security-opt` flag to `podman run` and `podman create` now supports anew option, `proc-opts`, to specify options for the container's `/proc` filesystem. - Podman with the `crun` OCI runtime now supports a new option to `podman run` and `podman create`, `--cgroup-conf`, which allows for advanced configuration of cgroups on cgroups v2 systems. - The `podman create` and `podman run` commands now support a `--override-variant` option, to override the architecture variant of the image that will be pulled and ran. - A new global option has been added to Podman, `--runtime-flags`, which allows for setting flags to use when the OCI runtime is called. - The `podman manifest add` command now supports the `--cert-dir`, `--auth-file`, `--creds`, and `--tls-verify` options. * Security - This release resolves CVE-2020-14370, in which environment variables could be leaked between containers created using the Varlink API. * Changes - Podman will now retry pulling an image 3 times if a pull fails due to network errors. - The `podman exec` command would previously print error messages (e.g. `exec session exited with non-zero exit code -1`) when the command run exited with a non-0 exit code. It no longer does this. The `podman exec` command will still exit with the same exit code as the command run in the container did. - Error messages when creating a container or pod with a name that is already in use have been improved. - For read-only containers running systemd init, Podman creates a tmpfs filesystem at `/run`. This was previously limited to 65k in size and mounted `noexec`, but is now unlimited size and mounted `exec`. - The `podman system reset` command no longer removes configuration files for rootless Podman. * API - The Libpod API version has been bumped to v2.0.0 due to a breaking change in the ImageList API. - Docker-compatible Volume Endpoints (Create, Inspect, List, Remove, Prune) are now available! - Added an endpoint for generating systemd unit files for containers. - The `last` parameter to the Libpod container list endpoint now has an alias, `limit` [#6413]. - The Libpod image list API new returns timestamps in Unix format, as integer, as opposed to as strings - The Compat Inspect endpoint for containers now includes port information in NetworkSettings. - The Compat List endpoint for images now features limited support for the (deprecated) `filter` query parameter [#6797]. - Fixed a bug where the Compat Create endpoint for containers was not correctly handling bind mounts. - Fixed a bug where the Compat Create endpoint for containers would not return a 404 when the requested image was not present. - Fixed a bug where the Compat Create endpoint for containers did not properly handle Entrypoint and Command from images. - Fixed a bug where name history information was not properly added in the Libpod Image List endpoint. - Fixed a bug where the Libpod image search endpoint improperly populated the Description field of responses. - Added a `noTrunc` option to the Libpod image search endpoint. - Fixed a bug where the Pod List API would return null, instead of an empty array, when no pods were present [#7392]. - Fixed a bug where endpoints that hijacked would do perform the hijack too early, before being ready to send and receive data [#7195]. - Fixed a bug where Pod endpoints that can operate on multiple containers at once (e.g. Kill, Pause, Unpause, Stop) would not forward errors from individual containers that failed. - The Compat List endpoint for networks now supports filtering results [#7462]. - Fixed a bugwhere the Top endpoint for pods would return both a 500 and 404 when run on a non-existent pod. - Fixed a bug where Pull endpoints did not stream progress back to the client. - The Version endpoints (Libpod and Compat) now provide version in a format compatible with Docker. - All non-hijacking responses to API requests should not include headers with the version of the server. - Fixed a bug where Libpod and Compat Events endpoints did not send response headers until the first event occurred [#7263]. - Fixed a bug where the Build endpoints (Compat and Libpod) did not stream progress to the client. - Fixed a bug where the Stats endpoints (Compat and Libpod) did not properly handle clients disconnecting. - Fixed a bug where the Ignore parameter to the Libpod Stop endpoint was not performing properly. - Fixed a bug where the Compat Logs endpoint for containers did not stream its output in the correct format [#7196]. This update was imported from the SUSE:SLE-15-SP1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2020-2063=1 Package List: - openSUSE Leap 15.2 (noarch): podman-cni-config-2.1.1-lp152.4.6.1 - openSUSE Leap 15.2 (x86_64): podman-2.1.1-lp152.4.6.1 References: https://www.suse.com/security/cve/CVE-2020-14370.html https://bugzilla.suse.com/1176804 https://bugzilla.suse.com/1178122 https://bugzilla.suse.com/1178392 _______________________________________________ openSUSE Security Announce mailing list --
Nov 27, 2020
OpenSUSE
89
security advisoryFedorasecurity fixFedora 31: 2020-3a4b8fca5e High: crun Environment Leak Fix
autobuilt v2.1.0,Security fix for CVE-2020-14370. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-3a4b8fca5e 2020-10-09 15:00:23.142125 --------------------------------------------------------------------------------Name : crun Product : Fedora 31 Version : 0.15 Release : 5.fc31 URL : https://github.com/containers/crun Summary : OCI runtime written in C Description : crun is a runtime for running OCI containers --------------------------------------------------------------------------------Update Information: autobuilt v2.1.0,Security fix for CVE-2020-14370 --------------------------------------------------------------------------------ChangeLog: * Wed Sep 30 2020 Lokesh Mandvekar - 0.15-5 - rebuild to bump release tag ahead of older fedoras * Wed Sep 30 2020 Giuseppe Scrivano - 0.15-3 - backport "exec: check read bytes from sync" --------------------------------------------------------------------------------References: [ 1 ] Bug #1874268 - CVE-2020-14370 podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API https://bugzilla.redhat.com/show_bug.cgi?id=1874268 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-3a4b8fca5e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Oct 09, 2020
•Critical
Fedora
89
security advisorycriticalFedoraFedora 33: 2020-7b6058fec9 Critical: Podman Environment Leak
autobuilt v2.1.0, Security fix for CVE-2020-14370 ---- correct release tag on account of prior faulty build_tag macro ---- Add back in capability SYS_CHROOT. ---- Remove fchmodat2 from seccomp filters, since it is not in upstream kernel yet. ---- Remove dangerous capabilities by default. ---- Autobuilt v1.1.1. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-7b6058fec9 2020-10-06 00:14:55.971279 --------------------------------------------------------------------------------Name : podman Product : Fedora 33 Version : 2.1.1 Release : 10.fc33 URL : https://podman.io/ Summary : Manage Pods, Containers and Container Images Description : podman (Pod Manager) is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=podman. Most podman commands can be run as a regular user, without requiring additional privileges. podman uses Buildah(1) internally to create container images. Both tools share image (not container) storage, hence each can use or manipulate images (but not containers) created by the other. Manage Pods, Containers and Container Images podman Simple management tool for pods, containers and images --------------------------------------------------------------------------------Update Information: autobuilt v2.1.0, Security fix for CVE-2020-14370 ---- correct release tag on account of prior faulty build_tag macro ---- Add back in capability SYS_CHROOT. ---- Remove fchmodat2 from seccomp filters, since it is not in upstream kernel yet. ---- Remove dangerous capabilities by default. ----Autobuilt v1.1.1 --------------------------------------------------------------------------------ChangeLog: * Sun Oct 4 2020 Lokesh Mandvekar - 2:2.1.1-10 - fix permissiondenied issue when using --net=host * Fri Oct 2 2020 Lokesh Mandvekar - 2:2.1.1-9 - fix capset issue on podman run (upstream PR#7898) - Requires containers-common > = %epoch:1.2.0-2 * Fri Oct 2 2020 Lokesh Mandvekar - 2:2.1.1-8 - Requires: (container-selinux if selinux-policy) * Wed Sep 30 2020 Lokesh Mandvekar - 2:2.1.1-7 - bump release tag for upgrade path * Wed Sep 30 2020 Lokesh Mandvekar - 2:2.1.1-6 - fix crun gating test issue - bump release tag to preserve upgrade path * Wed Sep 23 2020 Lokesh Mandvekar - 2:2.1.1-1 - bump to v2.1.1 - depend on containers-common > = 1.1.1-9 for f33 gating tests * Wed Sep 23 2020 Lokesh Mandvekar - 2:2.1.0-2 - podman-plugins is a weak dep for podman * Tue Sep 22 2020 RH Container Bot - 2:2.1.0-1 - autobuilt v2.1.0 - Resolves: #1874268, #1881345 - CVE-2020-14370 * Fri Sep 18 2020 Lokesh Mandvekar - 2:2.1.0-0.187.rc2 - fix release tag * Thu Sep 17 2020 RH Container Bot - 2:2.1.0-0.186.rc1 - autobuilt v2.1.0-rc2 * Wed Sep 16 2020 Lokesh Mandvekar - 2:2.1.0-0.185.rc1 - fix deps for podman-plugins * Wed Sep 16 2020 Lokesh Mandvekar - 2:2.1.0-0.184.rc1 - podman-plugins depends on dnsmasq * Mon Sep 14 2020 Lokesh Mandvekar - 2:2.1.0-0.183.rc1 - build without btrfs for podman-remote * Mon Sep 14 2020 Lokesh Mandvekar - 2:2.1.0-0.182.rc1 - use correct remote buildtag * Mon Sep 14 2020 Lokesh Mandvekar - 2:2.1.0-0.181.rc1 - bump to v2.1.0-rc1 * Mon Sep 14 2020 RH Container Bot - 2:2.1.0-0.180.dev.git43f2771 - autobuilt v2.1.0-rc1 --------------------------------------------------------------------------------References: [ 1 ] Bug #1874268 - CVE-2020-14370 podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API https://bugzilla.redhat.com/show_bug.cgi?id=1874268 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisoryFEDORA-2020-7b6058fec9' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Oct 05, 2020
•Critical
Fedora
89
security advisorysecurity issueFedoraDebian 11: 2021-2f7610d8b2 Low: Podman Security Enhancement Patch
autobuilt v2.1.0, Security fix for CVE-2020-14370 ---- correct release tag on account of prior faulty build_tag macro ---- Add back in capability SYS_CHROOT. ---- Remove fchmodat2 from seccomp filters, since it is not in upstream kernel yet. ---- Remove dangerous capabilities by default. ---- Autobuilt v1.1.1. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-7b6058fec9 2020-10-06 00:14:55.971279 --------------------------------------------------------------------------------Name : crun Product : Fedora 33 Version : 0.15 Release : 5.fc33 URL : https://github.com/containers/crun Summary : OCI runtime written in C Description : crun is a runtime for running OCI containers --------------------------------------------------------------------------------Update Information: autobuilt v2.1.0, Security fix for CVE-2020-14370 ---- correct release tag on account of prior faulty build_tag macro ---- Add back in capability SYS_CHROOT. ---- Remove fchmodat2 from seccomp filters, since it is not in upstream kernel yet. ---- Remove dangerous capabilities by default. ----Autobuilt v1.1.1 --------------------------------------------------------------------------------ChangeLog: * Wed Sep 30 2020 Lokesh Mandvekar - 0.15-5 - rebuild to bump release tag ahead of older fedoras * Wed Sep 30 2020 Giuseppe Scrivano - 0.15-4 - backport "exec: check read bytes from sync" --------------------------------------------------------------------------------References: [ 1 ] Bug #1874268 - CVE-2020-14370 podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API https://bugzilla.redhat.com/show_bug.cgi?id=1874268 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-7b6058fec9' at the command line. For moreinformation, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Oct 05, 2020
•Low
Fedora
89
security advisorycriticalFedoraFedora 33: FEDORA-2021-87bfgd0ba35 Important: podman Memory Leak Fix
autobuilt v2.1.0, Security fix for CVE-2020-14370. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-76fcd0ba34 2020-10-02 01:26:57.180439 --------------------------------------------------------------------------------Name : crun Product : Fedora 32 Version : 0.15 Release : 5.fc32 URL : https://github.com/containers/crun Summary : OCI runtime written in C Description : crun is a runtime for running OCI containers --------------------------------------------------------------------------------Update Information: autobuilt v2.1.0, Security fix for CVE-2020-14370 --------------------------------------------------------------------------------ChangeLog: * Wed Sep 30 2020 Lokesh Mandvekar - 0.15-5 - rebuild to bump release tag ahead of older fedoras * Wed Sep 30 2020 Giuseppe Scrivano - 0.15-3 - backport "exec: check read bytes from sync" * Wed Sep 23 2020 RH Container Bot - 0.15-1 - autobuilt 0.15 * Wed Sep 23 2020 Giuseppe Scrivano - 0.15-2 - rebuild * Wed Sep 23 2020 RH Container Bot - 0.15-1 - autobuilt 0.15 --------------------------------------------------------------------------------References: [ 1 ] Bug #1874268 - CVE-2020-14370 podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API https://bugzilla.redhat.com/show_bug.cgi?id=1874268 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-76fcd0ba34' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Oct 01, 2020
•Important
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!